authorboris <wzn@moneybot.cc>2018-12-27 22:42:05 +1300
committerboris <wzn@moneybot.cc>2018-12-27 22:42:05 +1300
commit0c194bc8046cb3ecb4e4d0577f36a1d3bde58d11 (patch)
treec27c5e71dba4db816cd9ad601a997b974377187e /csgo-loader/csgo-server/RemoteCode
parent45adf172a76fc46ca6ca10e17fd534d4f35896c0 (diff)
bap
Diffstat (limited to 'csgo-loader/csgo-server/RemoteCode')
-rw-r--r--csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp47
-rw-r--r--csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp22
-rw-r--r--csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp54
3 files changed, 53 insertions, 70 deletions
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp
index daa42ae..65a4306 100644
--- a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp
+++ b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.cpp
@@ -2,52 +2,5 @@
namespace RemoteCode
{
- ByteArray Shellcode = {
- // TODO: Add shellcode.
- };
- bool RemoteCodeServer::Start(ByteArray &Parameters)
- {
- RemoteCodeParameters CodeParams = *(RemoteCodeParameters *)&Parameters[0];
-
- // Check if the header is valid.
- if((!CodeParams.m_EndSceneVmt || !CodeParams.m_OriginalEndScene) ||
- (CodeParams.m_EntryPoint || CodeParams.m_CheatHeader))
- {
- // TODO: Ban user (probably using fake client)
- return false;
- }
-
- // Set up shellcode.
- m_CustomCode.insert(
- m_CustomCode.begin(),
- Shellcode.begin(),
- Shellcode.end()
- );
-
- // TODO: Set up pointers in shellcode.
-
- return true;
- }
-
- uintptr_t RemoteCodeServer::GetOffsetByPattern(ByteArray &Data, ByteArray Pattern)
- {
- if(Data.empty())
- return uintptr_t{};
-
- ByteArray::iterator Position = std::search(
- Data.begin(),
- Data.end(),
- Pattern.begin(),
- Pattern.end()
- );
-
- if(Position != Data.end())
- return (uintptr_t)std::distance(Data.begin(), Position);
-
- return uintptr_t{};
- }
-
- // is this loss?
- ByteArray RemoteCodeServer::GetShellcode() { return m_CustomCode; }
} \ No newline at end of file
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp
index dde8b7d..3a31cb4 100644
--- a/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp
+++ b/csgo-loader/csgo-server/RemoteCode/RemoteCodeServer.hpp
@@ -8,30 +8,8 @@ using ByteArray = std::vector<uint8_t>;
namespace RemoteCode
{
- struct RemoteCodeParameters
- {
- uintptr_t m_EndSceneVmt;
- uintptr_t m_OriginalEndScene;
- uintptr_t m_EntryPoint;
- uintptr_t m_CheatHeader;
- uintptr_t m_VirtualProtect;
- };
-
class RemoteCodeServer
{
- ByteArray m_CustomCode;
-
- // swoo
- uintptr_t GetOffsetByPattern(ByteArray &Data, ByteArray Pattern);
-
- public:
- RemoteCodeServer() = default;
-
- // Send client the prepared shellcode.
- // This will also send the original and vmt address of endscene.
- bool Start(ByteArray &Parameters);
- // Get the response for the client
- ByteArray GetShellcode();
};
} \ No newline at end of file
diff --git a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
index f8f7274..3a975f7 100644
--- a/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
+++ b/csgo-loader/csgo-server/RemoteCode/RemoteInjectionServer.hpp
@@ -1,11 +1,63 @@
#pragma once
#include <windows.h>
+#include <cstdint>
+#include <vector>
+
+using ByteArray = std::vector<uint8_t>;
namespace RemoteCode
{
- class RemoteInjectionServer
+ // What the server sends to the client upon transaction start.
+ struct RemoteServerHeader
{
+ // Does the cheat support the DirectX thread execution exploit?
+ bool m_ThreadExploitSupported;
+
+ // This will be used for allocating the remote memory.
+ uintptr_t m_SizeOfImage;
+
+ // OPTIONAL: The cheat might be using the DllMain function
+ // to do injection. Make sure to call that.
+ uintptr_t m_EntryPoint;
+
+ // OPTIONAL: The cheat might be using TLS callbacks to
+ // do injection. Make sure to call that.
+ uintptr_t m_TlsCallbackDirectory;
+ };
+
+ // Requests supported by the server.
+ // These are stored in a vector and later looked up.
+ struct RemoteServerRequest
+ {
+ // Hash to look up requests by.
+ uint64_t m_LookupHash;
+
+ // Name printed on the console when a user injects.
+ char m_DebugName[128];
+
+ // File name that's used to load the DLL server-side.
+ char m_FileName[260];
+ // Does the cheat support the DirectX exploit for creating threads?
+ bool m_ThreadExploitSupported;
};
+
+ // The initial header we receive from the client.
+ struct RemoteClientRequest
+ {
+ uint64_t m_LookupHash;
+ };
+
+ // The response we receive from the client upon transaction start.
+ struct RemoteClientHeader
+ {
+ // Address of remote allocation.
+ uintptr_t m_RemoteAddress;
+
+ // Up to six remote modules.
+ // NOTE: Stop iterating once a module is NULL.
+ uintptr_t m_RemoteModules[6];
+ };
+
} \ No newline at end of file
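Review bot: The four structs added in this hunk are commented as messages exchanged with the client, but nothing pins their byte layout. `bool m_ThreadExploitSupported;` followed by `uintptr_t` leaves compiler-chosen padding, and `uintptr_t` is 4 or 8 bytes depending on the build, so if client and server are ever compiled for different pointer widths they will disagree on `sizeof(RemoteServerHeader)` and `sizeof(RemoteClientHeader)`. I would switch the wire fields to fixed-width types (`uint8_t`, `uint64_t`) and lock the size in, e.g. `static_assert(sizeof(RemoteClientHeader) == 56, "wire layout");` for seven `uint64_t` fields. `RemoteClientRequest` and `RemoteClientHeader` are filled from bytes the client controls, so the receiving code (not visible in this hunk) should reject a buffer shorter than the struct before copying. The comment on `m_RemoteModules` should also read `// NOTE: Stop at the first NULL entry or after 6 entries, whichever comes first.`, since a client can send six non-zero values.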